Strong IT security is a losing proposition. If you want to develop a system that’s connected to the internet that is unhackable, you’ve lost the game already. There is no such thing. If someone wants to hack you they will succeed. The only thing you can do is inch your way up the ladder and eliminate the lowest hanging fruit. The strategy becomes being faster than your friend rather than trying to outrun the bear. Other than that get ready to be hacked. Your goal should be to get hacked less frequently than your competitors, and when you’re hacked you want to be sure it’s an inconvenience rather than a business ending catastrophy.
Preventing the severity of the attack is where the tables turn. You as an owner of your data, have an upper hand in restoring control. Just as you had no foolproof protection against getting hacked, your adversary faces the same problem if their goal is to wipe your data or your business operation off the face of the earth. They will not succeed if you don’t want them to. Your secret weapon is physical control. As long are you retain physical control over your data, you may lose many battles, but you will ultimately win the war.
When hackers penetrate a single system, they call that “owning the system”. However, that is overstating their accomplishment a bit. They should really claim that they “temporary control” the system. Of course, that doesn’t have the same ring to it. They don’t “own” anything if they can be locked out by you the owner. Yes, they can do all kinds of damage while on the system. Yes, they can cause down time. Yes, it can be a huge disaster. Yes, it sucks to be hacked. But as long as you retain physical control over your system you’ll always have the upper hand in the long run.
Why physical control? What makes physical control so special? It’s because no matter what kind of games and silly wars happen at the OS or application level, you have a secret secret weapon that hackers don’t. It’s a weapon that’s unstoppable. It’s a weapon that makes all the games stop. You have physical control. Only you can unplug a network cable – they can never plug it back in. Only you can shutdown a machine – they can never start it. Only you can do a offline bare-metal restore and they can’t do a thing about it. Only you can put your your offsite backups in your briefcase, they can hack all night and they are not going to touch those.
This is why public cloud computing is problematic. Public cloud takes away the only truly effective weapon you had. You have 0 physical control in public cloud. You can’t unplug cables, you can’t carry away your backups in a briefcase, and you can’t restore elsewhere. You’re not the owner anymore. With public cloud, you’ve outsourced the battle. The battle is now between your cloud provider and the hacker. Will the cloud fight as hard for you as you would fight for yourself? Probably not. In fact I guarantee it. The cloud will point their finger at you and call it a day.
If you’re going to use the cloud, your physical infrastructure needs to be the root that controls it all. Don’t think of a cloud as a way to “keep your stuff safe”, think of it as a pace where you temporarily place your stuff to get a specific job done. It could be there one day, gone the next – just like a cloud. You should always remain the physical owner of your data and of your key infrastructure.